Android Trojan FakeApp masquerading as legitimate

A variant of Android/Trojan.FakeApp is stealing the identities of popular applications (apps) such as TrueCaller and Torque Pro.

This slideshow requires JavaScript.

As soon as the FakeApp is installed a shortcut with an icon stolen from one of these popular apps is created, and a notification pops up. The notification also appears whenever the shortcut icon is clicked.

The code that creates the notification is pretty simple, and points to the domain apx.avazutracking(dot)net which redirects to another website.

Click the notification and the redirect from apx.avazutracking(dot)net will send you through a list of several other redirects, which are all randomly determined by the last.

Some of these redirects are to ad sites so the scammers can gain a little revenue from pay-per-click browsing. Eventually the redirects end on a series of different websites. Sometimes it even ends on Google PLAY itself; pointing to the details page of a specific app to install. Here are some examples:

This slideshow requires JavaScript.

If a user installs the app offered the scammers get a little more revenue. If a user fills out the information for the sweepstakes they supposedly “won”, once again they get paid, but with the addition of a third-party gaining personal information about the user.

There are hundreds of variants of FakeApp like this out there being distributed thousands of times, and it only takes a small percentage of people to be tricked for the people behind it to make many.

Don’t get fooled by such shenanigans yourself; if it looks phishy, it probably is.

July 27, 2018 - With its release around the corner, we take a close look at the Android P security improvements and how the newest version of Android will better protect the privacy and data of its users.

July 23, 2018 - Adware MobiDash, an ad-displaying nuisance, now comes with some additional stealth features. As a result, these features hide the existence of Adware MobiDash—even when it’s in plain sight.

June 20, 2018 - The extremely popular video game Fortnite is coming to Android sometime this summer, and the fanbase is going wild. Not surprisingly, mobile malware developers are taking advantage. Already, there are several videos on YouTube with links claiming to be versions of Fortnite for Android. Spoiler alert: they're fake.

June 4, 2018 - A bike racing game on Google Play locks users' screens, displays full-screen ads, and is notoriously difficult to uninstall. It's no wonder Android game reviewers demand to know how to get rid of it. We show you how.

May 7, 2018 - Way back in early 2013, a new antivirus (AV) company emerged into the mobile security software industry that had everyone perplexed. It seemed like a fake Android AV, but received certification by a reputable AV testing organization! Now, five years later, it's back. Here's why you shouldn't trust it.